Cybersecurity Testing and Validation

Paper #:
  • 2017-01-1655

Published:
  • 2017-03-28
DOI:
  • 10.4271/2017-01-1655
Citation:
Wooderson, P. and Ward, D., "Cybersecurity Testing and Validation," SAE Technical Paper 2017-01-1655, 2017, doi:10.4271/2017-01-1655.
Affiliated:
Pages:
7
Abstract:
An essential part of an effective cybersecurity engineering process is testing the implementation of a system for vulnerabilities and validating the effectiveness of countermeasures. The SAE J3061 Cybersecurity Guidebook for Cyber-Physical Vehicle Systems provides a recommended framework which organizations can use to implement a cybersecurity engineering process, which includes activities such as integration and testing, penetration testing and verification/validation of cybersecurity requirements at the hardware, software and system levels. This presentation explores the different kinds of testing that are appropriate at each of these process steps and discusses some important differences between cybersecurity testing and more familiar forms of testing. We also consider the necessary scope and depth of cybersecurity testing and suggest examples of how this can be related to cybersecurity requirements, goals and integrity levels, as determined by the threat analysis and risk assessment.
Access
Now
SAE MOBILUS Subscriber? You may already have access.
Buy
Select
Price
List
Download
$27.00
Mail
$27.00
Members save up to 40% off list price.
Share
HTML for Linking to Page
Page URL

Related Items

Standard
2006-09-12